• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer
Computer Business World News

Computer Business World News

Trending News about Computers, Business and Tech

  • Home
  • Business
  • Careers
  • Computers
  • Tech
  • About/Contact

This file-sharing app with over a billion downloads has some major security flaws System Hardening Android

February 16, 2021 by CBW Reporter

One of the most popular Android file sharing apps has several vulnerabilities that haven’t been fixed by its developers for over three months, new research has claimed. 

Security researchers at Trend Micro discovered the shortcomings in the ShareIT app that if exploited, can not only leak a user’s sensitive data, but can also execute arbitrary code on the device. 

More worryingly, the vulnerabilities were brought to the attention of the app’s publishers over three months ago, but have seemingly decided to ignore the report.

Improper defaults

“We reported these vulnerabilities to the vendor, who has not responded yet. We decided to disclose our research three months after reporting this since many users might be affected by this attack because the attacker can steal sensitive data and do anything with the apps’ permission,” noted Trend Micro in its report.

Even more worryingly, the researchers add that any attacks launched by exploiting these vulnerabilities will be hard to detect as they masquerade the legitimate operations of the app.  

While discussing the vulnerabilities in detail, the researchers say that the flaws exist because the app implements its sharing functions with improper settings that leave it prone to abuse.

The researchers were able to successfully exploit the vulnerabilities with a proof-of-concept app to gain temporary read/write access to the data on the device, and even managed to run arbitrary code on the device. 

Since ShareIT’s developers failed to respond to the researchers, they’ve also brought it to the attention of Google – however, there has been no response as yet, and the app still continues to be listed on the official Android Play Store.

View Source

Filed Under: Computers

Primary Sidebar

More to See

Harnessing data to make sustainability profitable Harnessing data to make sustainability profitable for your business

Consumers today are demanding more sustainable products, whilst shareholders are also pushing organizations for higher profit margins. Couple this … [Read More...] about Harnessing data to make sustainability profitable Harnessing data to make sustainability profitable for your business

Once Crippled by the Pandemic, Airlines See a Fast Recovery Coming

“No matter what the headlines have been, no matter how the market’s turned, we always tend to find bookings rebounding fastest, soonest and greatest … [Read More...] about Once Crippled by the Pandemic, Airlines See a Fast Recovery Coming

New York Times Tells Tech Workers to Put Union Effort to a Vote

The New York Times Company said on Thursday that it would not voluntarily recognize a newly formed union of tech and digital employees, instructing … [Read More...] about New York Times Tells Tech Workers to Put Union Effort to a Vote

Footer

SITE INFORMATION

COMPUTER BUSINESS WORLD NEWS

About/Contact

Privacy Policy

Thank you for visiting our website.

Recent

  • Harnessing data to make sustainability profitable Harnessing data to make sustainability profitable for your business
  • Fitbit sale: pick up the Fitbit Inspire 2 for just £70 at Amazon Fitbit Inspire 2
  • Nestle CEO says business case for sustainability emerges as consumers demand it more than before

Search

Copyright © 2021 Computer Business World